happy-app-audit
Warn
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several system utilities including strings, codesign, and plutil through a whitelisted wrapper to extract app metadata and content.
- [DATA_EXFILTRATION]: Accesses sensitive local directories such as ~/Library/Application Support and ~/Library/Logs to inventory files and analyze SQLite schemas related to app reporting.
- [PROMPT_INJECTION]: Presents a surface for indirect prompt injection by processing untrusted strings from third-party binaries and presenting them to the agent for report generation.
- [EXTERNAL_DOWNLOADS]: Uses npx to download and execute the bun runtime if it is missing from the host environment.
Audit Metadata